TP-Link T1500-28PCT T1500-28PCTTL-SL2428PUN V3 User Guide - Page 362
Using the CLI, Configuring the STP Security, Follow these steps to con the Root protect feature
View all TP-Link T1500-28PCT manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 362 highlights
Configuring Spanning Tree STP Security Configurations Root Protect TC Guard BPDU Protect BPDU Filter BPDU Forward Enable or disable Root Protect. It is recommended to enable this function on the designated ports of the root bridge. Switches with faulty configurations may produce a higher-priority BPDUs than the root bridge's, and this situation will cause recalculation of the spanning tree. Root Protect is used to ensure that the desired root bridge will not lose its position in the scenario above. With root protect enabled, the port will temporarily transit to blocking state when it receives higher-priority BDPUs. After two forward delays, if the port does not receive any other higher-priority BDPUs, it will transit to its normal state. Enable or disable the TC Guard function. It is recommended to enable this function on the ports of non-root switches. TC Guard function is used to prevent the switch from frequently changing the MAC address table. With TC Guard function enabled, when the switch receives TC-BPDUs, it will not process the TC-BPDUs at once. The switch will wait for a fixed time and process the TC-BPDUs together after receiving the first TC-BPDU, then it will restart timing. Enable or disable the BPDU Protect function. It is recommended to enable this function on edge ports. Edge ports in spanning tree are used to connect to the end devices and it doesn't receive BPDUs in the normal situation. If edge ports receive BPDUs, it may be an attack. BPDU Protect is used to protect the switch from the attack talked above. With BPDU protect function enabled, the edge ports will be shutdown when they receives BPDUs, and will report these cases to the administrator. Only the administrator can restore the state of the ports. Enable or disable BPDU Filter. It is recommended to enable this function on edge ports. With BPDU Filter enabled, the port does not forward BPDUs from the other switches. Enable or disable BPDU Forward. This function only takes effect when the spanning tree function is disabled globally. With BPDU forward enabled, the port can still forward spanning tree BPDUs when the spanning tree function is disabled. 4.2 Using the CLI 4.2.1 Configuring the STP Security Follow these steps to configure the Root protect feature, BPDU protect feature and BPDU filter feature for ports: Step 1 configure Enter global configuration mode. User Guide 339